
Shell

Upgrade to Fully Interactive TTY

A shell obtained through a reverse shell has limited functionality, so we can upgrade it to a more functional shell.

Upgrade

After connecting to the target with a reverse shell, it's recommended to make the shell more usable by spawning a pseudo-terminal.

python3 -c 'import pty; pty.spawn("/bin/bash")'
# or
python -c 'import pty; pty.spawn("/bin/bash")'
# or
python2 -c 'import pty; pty.spawn("/bin/bash")'
# or
SHELL=/bin/bash script -q /dev/null

The commands below make the shell fully interactive.

Ctrl+z
stty raw -echo;fg
Enter x2
export TERM=xterm
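
Seen from the defender's side, the upgrade commands above leave a recognizable command line in process-execution telemetry on the target. The following is an added example, not part of the original page, that flags them and raises the severity when the process has no controlling terminal; the event fields `user`, `tty` and `cmdline` and the sample events are constructed assumptions, not a real log format.

```python
import re
import shlex

ENV_ASSIGN = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*=")
PYTHON_BIN = re.compile(r"^python[0-9.]*$")
PTY_SPAWN = re.compile(r"\bimport\s+pty\b.*\bpty\.spawn\s*\(", re.S)

def classify(cmdline):
    """Return a label if cmdline matches a PTY-upgrade command from this page."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes: not parseable, no verdict
        return None
    while argv and ENV_ASSIGN.match(argv[0]):  # skip a SHELL=/bin/bash prefix
        argv.pop(0)
    if not argv:
        return None
    prog = argv[0].rsplit("/", 1)[-1]  # basename, so /usr/bin/python3 matches
    if PYTHON_BIN.match(prog) and "-c" in argv[:-1]:
        if PTY_SPAWN.search(argv[argv.index("-c") + 1]):
            return "python-pty-spawn"
    if prog == "script" and "/dev/null" in argv[1:]:
        return "script-to-dev-null"
    return None

def triage(events):
    """Return (severity, label, user) for every matching process event."""
    findings = []
    for ev in events:
        label = classify(ev["cmdline"])
        if label:
            # No controlling terminal means the command did not come from an
            # interactive login session, which fits a network-spawned shell.
            severity = "high" if ev["tty"] == "(none)" else "low"
            findings.append((severity, label, ev["user"]))
    return findings

# Constructed sample events (hypothetical field names and values).
SAMPLE = [
    {"user": "www-data", "tty": "(none)", "cmdline": "python3 -c 'import pty; pty.spawn(\"/bin/bash\")'"},
    {"user": "www-data", "tty": "(none)", "cmdline": "SHELL=/bin/bash script -q /dev/null"},
    {"user": "alice", "tty": "pts/0", "cmdline": "script -q /dev/null"},
    {"user": "alice", "tty": "pts/0", "cmdline": "python3 -c 'import json; print(json.dumps({}))'"},
    {"user": "bob", "tty": "pts/1", "cmdline": "script session.log"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding)
```

The `stty raw -echo;fg` step runs on the operator's own terminal, so it does not appear in the target's process telemetry and is not matched here.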

Reverse Shell Cheat Sheet

Setup Listener

First, we need to start a listener on the local machine to receive the incoming connection.

Online Generator

Bash

with Base64

Execute the following commands on the target machine.

Netcat OpenBSD

Ncat

NodeJS

Reference: https://medium.com/dont-code-me-on-that/bunch-of-shells-nodejs-cdd6eb740f73

Perl

PHP

Python

Ruby

PowerShell

Bypass AV (Antivirus)

Then execute it and write to a file.

Start a listener to receive incoming requests. Specify the port that was given in the previous command.

After that, upload shell.bat to the target website.

Nishang

Nishang is a collection of offensive PowerShell scripts for red teaming, penetration testing and offensive security.

1. Preparing the Payload on Your Local Machine

First off, copy the payload to the current working directory.

Add the following code to the final line in the payload (shell.ps1).

2. Opening a Web Server on Your Local Machine

To download the payload and execute the reverse shell on the target machine, start a web server on your local machine.

3. Start a Listener

Then start a listener on the local machine to receive incoming requests.

4. Download the Payload and Execute the Reverse Shell

On the target machine, download the locally hosted payload and run the reverse shell.
